The upward trends associated with incident costs, frequency, and time to contain demonstrate that current approaches to insider risk are simply not working. In fact, the numbers clearly show we are going backwards.
Funding is being inadvertently misdirected due in part to a widespread misunderstanding of insider risks and how they manifest based on early warning behaviors. A whole-of-industry approach is required to educate and find common ground on how we define and discuss insider risks with enterprise and government entities.
On a positive note, more and more organizations are building insider risk programs and seeking budget and executive buy-in to fund and champion them. Our research echoes similar findings from other leading analysts and research organizations, notably Forrester, Gartner, MITRE Corporation and Verizon. The human is unquestionably at the center of most data breaches – and increasingly, that human risk is an insider, right under our noses. By homing in on insider risk management, organizations have a powerful opportunity to proactively identify and mitigate insider risks well before a costly incident occurs.
Download the 2023 Ponemon Report to learn more.